Security & Compliance

DEVO-2024-0012

Summary

Remote Desktop Manager Windows is affected by a vulnerability.

Affected Products

Remote Desktop Manager 2024.2.14 and earlier

Change Log

16/7/2024 - Initial publication

Severity

High

Products

Remote Desktop Manager Windows

Fix Version

2024.2.15.0

Exposure of Sensitive Information in edge browser session proxy feature

Description

Exposure of Sensitive Information in edge browser session proxy feature in Devolutions Remote Desktop Manager 2024.2.14.0 and earlier on Windows allows an attacker to intercept proxy credentials via a specially crafted website.

Remediation and Workarounds

Upgrade to Remote Desktop Manager 2024.2.15.0 or higher

Severity

7.1 High - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/U:Amber

Affected Products

Remote Desktop Manager 2024.2.14.0 and earlier

CVE(s)

CVE-2024-6492

Credits

Jérémy Sinou

Helping organizations control the IT chaos by providing highly-secure password, remote connection and privileged access management solutions.

DEVOLUTIONS

Legal & privacy | infos@devolutions.net

All rights reserved © 2025 Devolutions